TechSpot

Possible Virus/Malware Ect

By Burgh24
Aug 27, 2007
Topic Status:
Not open for further replies.
  1. Hello,

    I recently was infected with the SMGR.exe virus. I thought I had removed the virus, however I am still noticing my computer is running slow. I also still recieve many pop ups. I have attached my log file. Please let me know if you notice anything suspicous.

    Thank you very much for the help!!
  2. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

    Hello and welcome to Techspot.

    Your system has a nasty vundo infection.

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

    Also, let me know the results of the AVG Antirootkit scan.

    Regards Howard :wave: :wave:

    This thread is for the use of Burgh24 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  3. Burgh24

    Burgh24 Newcomer, in training Topic Starter

    Thank You Howard. I am almost done with the instructions I hope to finish tonight after work and give you an updated HJT log. Thanks again for your help!
  4. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

    No problem mate, we`ll see if we can get you sorted out.

    Just remember to post all the requested log files.

    Regards Howard :)

    This thread is for the use of Burgh24 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  5. Burgh24

    Burgh24 Newcomer, in training Topic Starter

    Hi Howard,

    I have finished all of the steps. here are my logs.

    HJT:


    AntiRootKit found nothing.

    Let me know what you think.

    Thanks,

    Brian
  6. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

    All items in your AVG Antispyware log say "No Action Taken". That`s because you haven`t told AVG Antispyware to quarantine it`s results as per the instructions. See this pictorial guide.

    I requested you post a Combofix log, please do so in your next reply.

    Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O20 - Winlogon Notify: gebca - C:\WINDOWS\system32\gebca.dll (file missing)

    O20 - Winlogon Notify: qomjkii - qomjkii.dll (file missing)

    Click on the fix checked button.

    Close HJT and reboot your system.

    Post fresh HJT, Combofix and AVG Antispyware logs as attachments

    Regards Howard :)

    This thread is for the use of Burgh24 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  7. Burgh24

    Burgh24 Newcomer, in training Topic Starter

    I have attached the updated logs.

    Thanks again for your help.
  8. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

    Everything looks fine there.

    Unless you`re still having problems, you should be good to go.

    If your problems are solved, do the following.

    Turn off system restore.(XP/ME only) See how HERE.

    Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.

    If you have any further virus/spyware problems, please post in this thread.

    Regards Howard :)

    This thread is for the use of Burgh24 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  9. Burgh24

    Burgh24 Newcomer, in training Topic Starter

    Thank you for all of your help!

    Do you have a suggestion as far as anitvirus/spyware program that I should use?

    I would like to consilidate and only use one program if possible
  10. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.